PayPal has announced today that passkeys are being added as a new, password-less login method to secure PayPal accounts for iPhone, iPad, and Mac users on PayPal.com, with plans to expand passkeys to other platforms as they add support. PayPal passkeys are rolling out to US customers today and will be available to “additional countries” in early 2023.
Passkeys are a new type of login credential that replaces passwords with cryptographic key pairs. They are resistant to phishing attempts and are designed to avoid sharing passkey data between platforms, addressing the weakness of current password-based authentication. Passkeys are supported by Apple, Google, and Microsoft, who have pledged to bring the FIDO Alliance standard to their respective OSes.
Passkeys will sync with iCloud Keychain and are end-to-end encrypted
Reusing passwords across online accounts leaves users open to hacking and other vulnerabilities, but remembering individual login details is no easy task without a secure password manager. A study from Verizon shows that over 2.6 billion records were hacked in 2017, with 81 percent estimated to have been caused by password stealing and guessing.
Existing PayPal users will find an option to create a passkey after logging into their account via a desktop browser or mobile web on devices running iOS 16, iPadOS 16.1, or macOS Ventura. Users will be prompted to authenticate the setup with Apple Face ID or Touch ID. A passkey will then be automatically generated and synced across Apple devices with iCloud Keychain. The feature is currently only supported on desktop and mobile web, and PayPal has confirmed plans to extend support to the PayPal app in the coming months.